How severe is CVE-2024-28136?

CVE-2024-28136 has a CVSS v3 score of 7.8 (HIGH).

CVE-2024-28136

7.8HIGH

A local attacker with low privileges can use a command injection vulnerability to gain root privileges due to improper input validation using the OCPP Remote service.

Published: 5/14/2024Updated: 1/24/2025

Description

A local attacker with low privileges can use a command injection vulnerability to gain root privileges due to improper input validation using the OCPP Remote service.

AI AnalysisPowered by AI

Affected Products

phoenixcontactcharx_sec-3000_firmware

phoenixcontactcharx_sec-3000

phoenixcontactcharx_sec-3050_firmware

phoenixcontactcharx_sec-3050

phoenixcontactcharx_sec-3100_firmware

phoenixcontactcharx_sec-3100

phoenixcontactcharx_sec-3150_firmware

phoenixcontactcharx_sec-3150

References

https://cert.vde.com/en/advisories/VDE-2024-019
Third Party Advisory
https://cert.vde.com/en/advisories/VDE-2024-019
Third Party Advisory